6 Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
7 Url: http://www.openssh.com/portable.html
8 Source0: openssh-%{version}.tar.bz2
9 Source1: openssh-nukeacss.sh
11 Source5: sshd@.service
13 Source7: sshd-keygen.service
16 Source1001: openssh.manifest
18 Patch0: 0001-customize-configuration.patch
19 Patch1: 0002-log-in-chroot.patch
20 Patch2: 0003-rand-clean.patch
21 Patch3: 0004-big-uid.patch
22 Patch4: 0005-client-loop.patch
23 Patch5: 0006-CVE-2010-4478.patch
24 Patch6: 0007-Do-not-put-ssh-keys-in-etc.patch
27 Group: Applications/Internet
29 BuildRequires: autoconf
30 BuildRequires: automake
31 BuildRequires: nss-devel
33 BuildRequires: util-linux
35 BuildRequires: zlib-devel
36 BuildRequires: pkgconfig(ncurses)
37 BuildRequires: pkgconfig(openssl)
38 BuildRequires: pam-devel
42 Summary: The OpenSSH client applications
43 Group: Applications/Internet
44 Requires: openssh = %{version}
47 Summary: The OpenSSH server daemon
49 Requires: openssh = %{version}
53 SSH (Secure SHell) is a program for logging into and executing
54 commands on a remote machine. SSH is intended to replace rlogin and
55 rsh, and to provide secure encrypted communications between two
56 untrusted hosts over an insecure network. X11 connections and
57 arbitrary TCP/IP ports can also be forwarded over the secure channel.
59 OpenSSH is OpenBSD's version of the last free version of SSH, bringing
60 it up to date in terms of security and features, as well as removing
61 all patented algorithms to separate libraries.
63 This package includes the core files necessary for both the OpenSSH
64 client and server. To make this package useful, you should also
65 install openssh-clients, openssh-server, or both.
68 OpenSSH is a free version of SSH (Secure SHell), a program for logging
69 into and executing commands on a remote machine. This package includes
70 the clients necessary to make encrypted connections to SSH servers.
71 You'll also need to install the openssh package on OpenSSH clients.
74 OpenSSH is a free version of SSH (Secure SHell), a program for logging
75 into and executing commands on a remote machine. This package contains
76 the secure shell daemon (sshd). The sshd daemon allows SSH clients to
77 securely connect to your SSH server. You also need to have the openssh
92 CFLAGS="%{optflags}"; export CFLAGS
93 CFLAGS="$CFLAGS -fpie"
95 LDFLAGS="$LDFLAGS -pie"; export LDFLAGS
98 --sysconfdir=%{_sysconfdir}/ssh \
99 --libexecdir=%{_libexecdir}/openssh \
100 --datadir=%{_datadir}/openssh \
101 --with-rsh=%{_bindir}/rsh \
102 --with-default-path=/usr/local/bin:/bin:/usr/bin \
103 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
104 --with-privsep-path=%{_localstatedir}/empty/sshd \
105 --enable-vendor-patchlevel="FC-%{version}-%{release}" \
107 --without-zlib-version-check \
115 mkdir -p -m755 %{buildroot}%{_sysconfdir}/ssh
116 mkdir -p -m755 %{buildroot}%{_libexecdir}/openssh
117 mkdir -p -m755 %{buildroot}%{_localstatedir}/empty/sshd
120 rm -f %{buildroot}%{_sysconfdir}/ssh/ldap.conf
122 install -d %{buildroot}%{_libexecdir}/openssh
123 install -m755 contrib/ssh-copy-id %{buildroot}%{_bindir}/
125 # systemd integration
126 install -D -m 0644 %{SOURCE4} %{buildroot}/%{_libdir}/systemd/system/sshd.service
127 install -D -m 0644 %{SOURCE5} %{buildroot}/%{_libdir}/systemd/system/sshd@.service
128 install -D -m 0644 %{SOURCE6} %{buildroot}/%{_libdir}/systemd/system/sshd.socket
129 install -D -m 0644 %{SOURCE7} %{buildroot}/%{_libdir}/systemd/system/sshd-keygen.service
130 mkdir -p %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants
131 ln -s ../sshd.socket %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants/sshd.socket
132 install -D -m 0755 %{SOURCE8} %{buildroot}%{_sbindir}/sshd-keygen
133 mkdir -p %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants
134 ln -s ../sshd-keygen.service %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants/sshd-keygen.service
136 rm -f %{buildroot}%{_sysconfdir}/profile.d/gnome-ssh-askpass.*
138 mkdir -p %{buildroot}/var/empty/sshd
140 install -d %{buildroot}%{_sysconfdir}/pam.d/
141 install -m644 %{SOURCE9} %{buildroot}%{_sysconfdir}/pam.d/sshd
145 rm -rf %{buildroot}%{_datadir}/man
149 if [ $1 -eq 1 ] ; then
150 /usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
151 /usr//bin/systemctl enable sshd.service >/dev/null 2>&1 || :
152 /usr//bin/systemctl enable sshd-keygen.service >/dev/null 2>&1 || :
156 /usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
157 if [ $1 -ge 1 ] ; then
158 # Package upgrade, not uninstall
159 /usr//bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
163 if [ $1 -eq 0 ] ; then
164 # Package removal, not upgrade
165 /usr/bin/systemctl --no-reload disable sshd.service > /dev/null 2>&1 || :
166 /usr//bin/systemctl stop sshd.service > /dev/null 2>&1 || :
171 %manifest openssh.manifest
172 %attr(0755,root,root) %dir %{_sysconfdir}/ssh
173 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
175 %attr(0755,root,root) %{_bindir}/ssh-keygen
176 %attr(0755,root,root) %dir %{_libexecdir}/openssh
177 %attr(4755,root,root) %{_libexecdir}/openssh/ssh-keysign
180 %manifest openssh.manifest
181 %attr(0755,root,root) %{_bindir}/ssh
182 %attr(0755,root,root) %{_bindir}/scp
183 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
184 %attr(0755,root,root) %{_bindir}/slogin
185 %attr(2755,root,nobody) %{_bindir}/ssh-agent
186 %attr(0755,root,root) %{_bindir}/ssh-add
187 %attr(0755,root,root) %{_bindir}/ssh-keyscan
188 %attr(0755,root,root) %{_bindir}/sftp
189 %attr(0755,root,root) %{_bindir}/ssh-copy-id
190 %attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
193 %manifest openssh.manifest
194 %dir %attr(0711,root,root)
195 %attr(0750,root,root) /var/empty/sshd
196 %attr(0755,root,root) %{_sbindir}/sshd
197 %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
198 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
199 %{_libdir}/systemd/system/sshd.service
200 %{_libdir}/systemd/system/sshd.socket
201 %{_libdir}/systemd/system/sshd@.service
202 %{_libdir}/systemd/system/sshd-keygen.service
203 %{_libdir}/systemd/system/multi-user.target.wants/sshd.socket
204 %{_libdir}/systemd/system/multi-user.target.wants/sshd-keygen.service
205 %{_sbindir}/sshd-keygen
206 %{_sysconfdir}/pam.d/sshd